Filter
Versions
2.0.0
5
4.2.0
5
5.6.0
5
2.0.1
4
2.0.2
4
2.0.3
4
2.0.4
4
2.0.5
4
2.0.6
4
3.0.0
4
3.0.1
4
3.0.2
4
3.0.3
4
3.2.0
4
3.2.1
4
5.7.0
4
3.0.4
3
3.0.5
3
3.1.1
3
3.1.2
3
3.2.2
3
3.2.3
3
3.2.4
3
4.1.0
3
5.0.0
3
5.8.0
3
6.0.0
3
3.1.0
2
3.1.3
2
3.1.4
2
3.2.5
2
3.2.6
2
3.2.7
2
3.2.8
2
3.2.9
2
5.1.0
2
5.2.0
2
5.4.0
2
6.1.0
2
3.1.5
1
3.2.10
1
4.0.0
1
4.0.1
1
4.0.2
1
4.0.3
1
4.0.4
1
4.1.1
1
4.1.2
1
4.1.3
1
4.2.0-release
1
4.2.1-release
1
4.2.12
1
4.2.2-release
1
5.0.0-m1
1
5.2.1
1
5.3.0
1
5.5.0
1
5.7.10
1
5.7.9
1
5.8.4
1
6.0.4
1
6.1.1
1
VMware Spring SecurityThe spring-security.xsd file inside the spring-security-config jar is world writable which means tha…
5.5
First published (updated )
redhat/spring-securityUsing "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern m…
9.8
First published (updated )
maven/org.springframework.security:spring-security-configVMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused b…
7.3
First published (updated )
maven/org.springframework.security:spring-security-coreIn Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x…
6.3
First published (updated )
redhat/Spring SecurityVMware Tanzu Spring Security could allow a remote attacker to gain elevated privileges on the system…
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/spring securityA flaw was found in the spring-security framework. Spring Security could allow a remote attacker to …
9.8
First published (updated )
redhat/spring-securityA flaw was found in Spring Security. When using RegexRequestMatcher, an easy misconfiguration can by…
9.8
First published (updated )
Pivotal Software Spring SecuritySpring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, an…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
VMware Spring SecurityDictionary attack with Spring Security queryable text encryptor
6.5
First published (updated )
IBM GDEPlaintextPasswordEncoder authenticates encoded passwords that are null
7.5
First published (updated )
VMware Spring SecurityInsecure Randomness When Using a SecureRandom Instance Constructed by Spring Security
6.5
First published (updated )
VMware Spring SecurityPivotal Spring Security could allow a remote attacker to execute arbitrary code on the system, cause…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
VMware Spring SecurityThe ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not c…
7.5
First published (updated )
VMware Spring SecurityWhen using the CAS Proxy ticket authentication from Spring Security 3.1 to 3.2.4 a malicious CAS Ser…
9.8
First published (updated )
Spring FrameworkBoth Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on…
7.5
First published (updated )
VMware Spring SecurityAn issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x befo…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
VMware Spring SecurityCode Injection, CRLF Injection
4.3
First published (updated )
maven/org.springframework.security:spring-security-coreSpring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, a…
6.8
First published (updated )
VMware Spring SecurityVMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 …
First published (updated )